I have been running letsencrypt for some time and have only just ran into an issue with it not working only with one domain name. It was working fine but then didn't auto renew.

I am running EE v3.7.4.

I am not using Cloudflare and have a CNAME www.

I have tried --letsencrypt=renew but all I get is

Letsencrypt is currently in beta phase.
Do you wish to enable SSl now for domain.com.au?
Type "y" to continue [n]:y
You already have an existing certificate for the domain requested.
(ref: /etc/letsencrypt/renewal/domain.com.au.conf)
Please select an option from below?
1: Reinstall existing certificate
2: Keep the existing certificate for now
3: Renew & replace the certificate (limit ~5 per 7 days)
Type the appropriate number [1-3] or any other key to cancel: 3
Please Wait while we renew SSL Certificate for your site.
It may take time depending upon network.
Unable to setup, Let's Encrypt
Please make sure that your site is pointed to
same server on which you are running Let's Encrypt Client
to allow it to verify the site automatically.

I backed up my site deleted it and created another blank site e.g.

ee site create mydomain.com.au --php7 --wpfc --letsencrypt

But still got the same error with LE. Checked my DNS and all still looks fine.

I am only running 1 other site on the same server which has a normal (non LE) SSL cert. Though now when I go to the domain in question I am still getting th SSL warning as its using the other domains SSL.

First, I doubt this is an ee or letsencrypt not working issue... Instead you probably didn't setup the cron job and you can't renew a cert after it expires. You have to create a new and there isn't a clear way to delete the old one in ee or le.

Hi, any progress on this? By experiment, I found following manual solution: rm -rf /etc/letsencrypt/live/${DOMAIN} rm /etc/letsencrypt/renewal/${DOMAIN}.conf Until doing that, I was getting errors on renew for the dead domain.

What?! I had no such issue with DNS records, nor with the nginx config files for the specified domain... It was really pis*ing me off..

So by following @jwogrady tip, I searched all SSL configs related to the problematic domain in order to manually remove those.

I ended up doing the following:

I completely removed all SSL related stuff for the specified domain by firing up the commands bellow:

sudo rm -rf /etc/letsencrypt/live/mydomain.com

sudo rm /etc/letsencrypt/renewal/mydomain.com.conf

sudo rm -rf /etc/letsencrypt/archive/mydomain.com

sudo rm /var/www/mydomain.com/conf/nginx/ssl.conf

sudo rm /etc/nginx/conf.d/force-ssl-mydomain.com.conf

With all the SSL stuff for the specified domain wiped out, simply restart ee stack or restart nginx alone, both might do the trick:

ee stack restart

or

ee stack restart --nginx

And finally

Reinstalled Let's encrypt SSL certificate as usual with:

ee site update mydomain.com --letsencrypt

Notice: I did not renewed it, I simply installed it as it was the first time setting up the SSL for the specified domain.

And EE successfully created a fresh SSL certificate for the domain

Letsencrypt is currently in beta phase. Do you wish to enable SSl now for mydomain.com?Type "y" to continue [n]: yPlease Wait while we fetch SSL Certificate for your site.It may take time depending upon network.Let's Encrypt successfully setup for your siteYour certificate and chain have been saved at /etc/letsencrypt/live/mydomain.com/fullchain.pemConfiguring Nginx SSL configurationAdding /var/www/mydomain.com/conf/nginx/ssl.confAdding /etc/nginx/conf.d/force-ssl-mydomain.com.confAdded HTTPS Force Redirection for Site http://mydomain.comCreating Cron Job for cert auto-renewal

Bonus

Some peeps might be serving their website from a different root directory other than the htdocs. Somewhere in the middle of the process of cleaning up all SSL related stuff for the problematic domain, it came to me I was running mydomain.com under a directory named public_html instead.

I've created the public_html so I could serve a static HTML site from this folder and serve WordPress under the htdocs default folder.

This also enlightened me about the /.well-known/ related issue I inspected earlier in the logs.

Not sure if that helped me or not, but I created a symlink between my custom public_html directory and the /.well-known/ thing by doing as follows:

The tail of error message is the same one you have added in your post.

Is there anything to do with the wordpress files inside htdocs folder which might be causing http to https redirection of some sort? (because within our wordpress settings, we inserted the site url as htts://mydomain.com while setting up the site, right?) .. just a speculation...

Update: I also edited my /etc/hostname file and added the following (just in case):12.34.56.786 mydomain.com sitename

A dialog with 3 choices appear. Choose #2 (keep the current certificate) and hit Enter. Now EasyEngine correctly identifies the LE installation and generates ssl.conf and force-ssl-mysite.com.conf in the appropriate directories.